From mirandacascadeagain at YAHOO.COM Sun May 6 04:11:16 2007 From: mirandacascadeagain at YAHOO.COM (Miranda Evans) Date: Sat, 5 May 2007 19:11:16 -0700 Subject: [PYTHON-CRYPTO] python cryptographic packages Message-ID: <171325.38366.qm@web36108.mail.mud.yahoo.com> Situation is this: 1) I am using the PyCrypto package in an application 2) I observed postings, et al that gave me the impression that there are other python packages that may simplify the use of PyCrypto 3) I'm hoping to determine whether my understanding of the various packages is accurate 4) There are some specific questions at the bottom of this e-mail; that I'm hoping to get answers for. Here is what I inferred from various postings. If an item begins with '???' it means that I have very little confidence in my inference. a) the ezPyCrypto package was introduced to simplify the use of the PyCrypto package b) the ezPyCrypto package is a wrapper; it makes calls to the PyCrypto package c) the introduction of the SSLCrypto package deprecated the ezPyCrypto package; like the ezPyCrypto package, the SSLCrypto package was intended to simplify the use of the PyCrypto package d) ??? the SSLCrypto package makes some calls to the PyCrypto package but it also makes some calls to an OpenSSL application e) ??? in order to use the SSLCrypto package one must install the PyCrypto package Questions: 1) Are the inferences above correct? If not, will you please identify where they are in error? 2) can one use the SSLCrypto package to perform an HMAC message digest calculation (accomplished in PyCrypto package via Crypto.Hash.HMAC class)? 3) can one use the SSLCrypto package to perform an SHA256 hash (accomplished in PyCrypto package via Crypto.Hash.SHA256 class)? Thank you. __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com From ty.legette at GMAIL.COM Mon May 28 05:09:22 2007 From: ty.legette at GMAIL.COM (Ti Lyte) Date: Mon, 28 May 2007 05:09:22 +0200 Subject: [PYTHON-CRYPTO] pycrypto with different encryption client Message-ID: frustrated newb here - i can get the AES pycrypto to work (meaning encrypt and decrypt) but the problem i'm having is when the encryption is being performed from another client program (in this case a Javascript client). The two clients that I've tried are 1) http://www.fourmilab.ch/javascrypt/javascrypt.html which uses AES-256 and 2) http://home.versatel.nl/MAvanEverdingen/Code/. Both can produce base64 encoded ciphertext and I'm testing with CBC mode. So I'm basically producing ciphertext with one of these javascript client, base64 decoding with python's base64 module and trying the decrypt function (using same key of course) on it and it just produces garbage. Wondering if the IV has anything to do with it, i know the first round in CBC using the IV which none of the javascript clients allow you to set. Can anyone help plz?? Feel free to try anyone of those clients, they both allow you to encrypt/decrypt with their websites. From sascha-ml-cryptography-python-crypto at SILBE.ORG Mon May 28 13:59:30 2007 From: sascha-ml-cryptography-python-crypto at SILBE.ORG (Sascha Silbe) Date: Mon, 28 May 2007 13:59:30 +0200 Subject: [PYTHON-CRYPTO] pycrypto with different encryption client In-Reply-To: References: Message-ID: <20070528115930.GA16092@cube.sascha.silbe.org> On Mon, May 28, 2007 at 05:08:59AM +0200, Ti Lyte wrote: > Wondering if the IV has anything to do with it, i know the first round > in CBC using the IV which none of the javascript clients allow you to > set. A quick glance over the code (aes.js:485..486) suggests that the first block of "ciphertext" produced by rijndaelEncrypt() is the IV. So in order to decrypt this data it should suffice to take the first block of "ciphertext", set it as IV, and decrypt the remaining blocks. Haven't tested it, though. CU Sascha -- http://sascha.silbe.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: not available URL: From ty.legette at GMAIL.COM Tue May 29 18:54:08 2007 From: ty.legette at GMAIL.COM (Ti Lyte) Date: Tue, 29 May 2007 18:54:08 +0200 Subject: [PYTHON-CRYPTO] pycrypto with different encryption client Message-ID: do i need to alter the code to spit out the first block or if i don't provide an IV pycrypto decrypt() will it try to pull the IV from the first block?